$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2caa0c7-c5d1-4b80-959d-803dc4d6beee.roa File: c2caa0c7-c5d1-4b80-959d-803dc4d6beee.roa (raw, json) Hash identifier: MitdO/ub82drcIhtAUtsYhAMssYkiYf5xn5X+jwS9FE= Subject key identifier: DF:6F:2E:41:2E:27:63:C2:C2:53:CC:2E:8F:F5:8A:1A:FB:BB:72:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7157EAF6953972D787DE8D630BA56F5BB048B52C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2caa0c7-c5d1-4b80-959d-803dc4d6beee.roa Signing time: Sat 14 Feb 2026 00:00:31 +0000 ROA not before: Sat 14 Feb 2026 00:00:31 +0000 ROA not after: Fri 15 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:57:ea:f6:95:39:72:d7:87:de:8d:63:0b:a5:6f:5b:b0:48:b5:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 14 00:00:31 2026 GMT Not After : May 15 23:59:59 2026 GMT Subject: serialNumber=ae7dd5345619bc7e96ad6aadaaebad3b9fc6904ff7f9b1028432ff2d614e3411, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e2:e6:83:b4:02:2b:15:e0:fb:79:5f:b3:68: e7:71:9a:f7:32:d0:79:a7:16:3d:e8:de:8a:0f:21: 76:05:49:23:5e:88:a7:1d:25:c7:ef:cc:fa:4c:75: 46:3a:a1:ff:ee:1f:12:87:0c:fe:10:89:c4:b0:dc: e2:a2:59:74:a8:31:fd:89:fd:39:e1:90:fa:e5:0e: 49:b2:5c:32:b5:48:b3:33:ae:5d:0f:4c:16:7a:e3: 84:ed:6b:7a:8a:ff:b8:14:47:83:46:a7:34:9f:bf: f6:60:33:7b:e1:9b:f9:2b:58:ad:49:a8:95:0a:3d: 9c:a0:8b:f2:23:08:af:2f:3b:57:e5:84:2a:d3:2e: 6e:df:8d:95:c6:31:7b:eb:03:49:16:e0:ba:ed:96: 83:d4:30:42:4a:91:fc:86:d8:6c:6b:4d:4e:a3:80: 74:e8:5d:67:f4:d1:41:f8:49:38:69:13:88:f9:12: 3b:c1:7b:f8:61:32:7e:53:b0:ae:7f:67:2a:b4:56: df:e4:70:18:35:17:2f:a0:fc:34:67:bb:10:2e:54: 32:d1:ee:cb:eb:fc:40:2d:d9:73:fd:aa:0f:2b:bf: 5c:37:70:e4:ac:e6:2d:d3:60:19:31:d5:07:2a:a4: e1:75:48:06:8a:66:f8:4d:14:b7:86:cc:55:45:80: 39:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:6F:2E:41:2E:27:63:C2:C2:53:CC:2E:8F:F5:8A:1A:FB:BB:72:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2caa0c7-c5d1-4b80-959d-803dc4d6beee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:9000::/40 Signature Algorithm: sha256WithRSAEncryption 72:59:90:be:ad:c9:42:dd:6e:65:b8:e1:3e:26:91:e1:9b:c8: b0:76:94:dd:52:d6:70:f9:bd:b6:c8:b5:35:47:d9:91:dd:dc: 11:bb:25:6f:5d:56:3a:51:57:8e:0f:7d:35:b4:14:00:68:5a: c4:0c:d3:fe:87:30:07:d2:01:c1:72:02:86:87:81:e5:c9:6e: 9c:c8:91:7c:9b:4a:2a:53:6a:76:e1:de:5e:b3:b7:e8:e1:5f: 3d:79:b4:67:6c:db:24:8a:36:2f:b4:8a:f0:ab:14:b1:5e:86: f4:cb:d8:29:fc:45:01:2c:9e:7a:b7:18:95:0d:e1:1b:01:a3: 40:00:9b:0c:dd:5f:8d:7f:ce:7b:52:91:22:86:b9:6e:63:a4: ca:a3:cd:e8:2e:c4:c1:4f:cf:19:47:37:f6:b2:21:8d:48:06: b5:e0:5d:2c:65:01:f1:aa:1c:28:84:42:af:7f:01:a3:b7:6f: 86:c4:3a:07:11:0b:15:dc:78:a0:9e:7a:fe:14:f8:c5:e1:65: be:45:90:41:4f:0d:d9:c3:28:70:73:55:02:8f:b6:68:1f:33: 93:86:8a:8a:af:c3:57:07:55:8b:74:48:43:b6:9c:83:3f:a3: cc:37:f0:ec:39:1d:28:1d:f8:0e:2e:6a:c1:ac:f3:92:d7:f4: 08:a7:e5:a3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcVfq9pU5cteH3o1jC6VvW7BItSwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNDAwMDAzMVoX DTI2MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAYWU3ZGQ1MzQ1NjE5YmM3ZTk2YWQ2 YWFkYWFlYmFkM2I5ZmM2OTA0ZmY3ZjliMTAyODQzMmZmMmQ2MTRlMzQxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Lmg7QCKxXg+3lfs2jncZr3MtB5 pxY96N6KDyF2BUkjXoinHSXH78z6THVGOqH/7h8Shwz+EInEsNzioll0qDH9if05 4ZD65Q5JslwytUizM65dD0wWeuOE7Wt6iv+4FEeDRqc0n7/2YDN74Zv5K1itSaiV Cj2coIvyIwivLztX5YQq0y5u342VxjF76wNJFuC67ZaD1DBCSpH8hthsa01Oo4B0 6F1n9NFB+Ek4aROI+RI7wXv4YTJ+U7Cuf2cqtFbf5HAYNRcvoPw0Z7sQLlQy0e7L 6/xALdlz/aoPK79cN3DkrOYt02AZMdUHKqThdUgGimb4TRS3hsxVRYA58wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN9vLkEuJ2PCwlPMLo/1ihr7u3I2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyY2FhMGM3LWM1ZDEtNGI4MC05NTlkLTgwM2RjNGQ2YmVlZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9JAwDQYJKoZIhvcNAQELBQADggEBAHJZkL6tyULdbmW44T4m keGbyLB2lN1S1nD5vbbItTVH2ZHd3BG7JW9dVjpRV44PfTW0FABoWsQM0/6HMAfS AcFyAoaHgeXJbpzIkXybSipTanbh3l6zt+jhXz15tGds2ySKNi+0ivCrFLFehvTL 2Cn8RQEsnnq3GJUN4RsBo0AAmwzdX41/zntSkSKGuW5jpMqjzeguxMFPzxlHN/ay IY1IBrXgXSxlAfGqHCiEQq9/AaO3b4bEOgcRCxXceKCeev4U+MXhZb5FkEFPDdnD KHBzVQKPtmgfM5OGioqvw1cHVYt0SEO2nIM/o8w38Ow5HSgd+A4uasGs85LX9Ain 5aM= -----END CERTIFICATE-----Generated at Sun Mar 1 21:53:26 2026 by rpki-client